International investigation shuts down $850 million Butterfly botnet

An international investigation, fueled with information gleaned by Facebook’s security operations, has succeeded in shutting down what authorites said was a botnet linked to millions of computers that stole hundreds of millions of dollars from victims around the globe.

The Department of Justice and the FBI, along with international law enforcement partners, announced on Dec. 11 that 10 people from Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom and the United States have been arrested in the massive fraud operation. Law enforcement organizations also said they had executed numerous search warrants and interviews in the case, according to the FBI.

Investigators identified international cyber crime rings linked to multiple variants of the Yahos malware, which has infiltrated more than 11 million computers systems and over $850 million in losses that were stolen via the Butterfly botnet that steals computer users’ credit card, bank account, and other personal identifiable information.

Insidious “Botnets” -- short for robot network -- are made up of compromised computer systems and are used by Cyber criminals to execute distributed denial of service attacks, send spam e-mails, and conduct underground organized criminal activity, to include malware distribution.

The FBI said Facebook’s security team assisted law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by the malware. Yahos targeted Facebook users from 2010 to October 2012, and security systems were able to detect affected accounts and provide tools to remove these threats, it said.

The sprawling investigation was conducted by the FBI’s Cyber Division, International Operations Division, and field offices in Albany, NY; Baltimore; Boston; Charlotte, NC; Cincinnati and Cleveland, OH; Dallas and El Paso, TX; Honolulu, Jacksonville, FL; Los Angeles; Milwaukee; New Haven, CT; New Orleans; Norfolk, VA; Philadelphia, Pittsburgh, Sacramento and San Diego, CA; San Juan, Puerto Rico; St. Louis; Tampa; and Washington, D.C. The Department of Justice’s Computer Crime and Intellectual Property Section, the U.S. Attorney’s Office for the District of Hawaii, the U.S. Attorney’s Office for the Western District of Pennsylvania, and the U.S. Attorney’s Office for the District of Columbia also participated.